[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
My log reporting flagged up increase in requests for php, php5, php-cgi, php.cgi, php4 from all over the net, trying old PHP exploit method. This looks like the likely candidate: Since it requires a vulnerable PHP from circa May 2012 I'm not worried about my servers, but I know some take a more reactive approach to patching and upgrades (oops). Bit concerned about possible embedded PHP but again all my devices are patched as far as vendors have released fixes. At the volumes I'm seeing this is not a big threat to the Internet, but interesting. Now when is the "interesting" OpenSSL vuln being announced...... |
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq